77d3d04977267c47560ddd0e818b3d2d9872637be27a8fc8546f8d8432bb3bc5

General

Target

77d3d04977267c47560ddd0e818b3d2d9872637be27a8fc8546f8d8432bb3bc5
Size

12.1MB
MD5

e59d589ac27ee093ba1e361ae994a6db
SHA1

6ff26da647fcecf73e194c1cdcfb40e503fe68c0
SHA256

77d3d04977267c47560ddd0e818b3d2d9872637be27a8fc8546f8d8432bb3bc5
SHA512

6e4a80136aa0afeb13e9c4f66cec0f73a3b5db343e628583a9a68edd6a350f44d79bc4f12ef7e33025a4ba0d4bb19d7372833f149a9a71f4c87928c020a67181
SSDEEP

393216:JUVxO2rMqqs2XnRYmJwP8L+huggqt3oUfgon/FB:JgxO2mJXRYms8idPt39FB

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

description	ioc
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE
Required by VPN services to bind with the system. Allows apps to provision VPN services.	android.permission.BIND_VPN_SERVICE

Requests dangerous framework permissions 10 IoCs

description	ioc
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Required to be able to access the camera device.	android.permission.CAMERA
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an app to access precise location.	android.permission.ACCESS_FINE_LOCATION
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to collect component usage statistics.	android.permission.PACKAGE_USAGE_STATS

Files

77d3d04977267c47560ddd0e818b3d2d9872637be27a8fc8546f8d8432bb3bc5
.apk android arch:arm

com.wandoujia.phoenix2

com.pp.assistant.activity.PPMainActivity

Activities

com.pp.assistant.activity.PPMainActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.pp.assistant.activity.ExternalRouterActivity

com.wdj.intent.action.INVOKE

com.pp.assistant.activity.LibActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.pp.assistant.activity.PPAppUpdateActivity

android.intent.action.MAIN

com.pp.assistant.activity.PPDefaultFragmentActivity

android.intent.action.MAIN

com.pp.assistant.activity.PPSearchActivity

android.intent.action.MAIN

com.wandoujia.p4.app_launcher.activity.AppLauncherActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.wandoujia.launcher.launcher.activity.GameLauncherActivity

android.intent.action.MAIN
android.intent.action.VIEW
phoenix.intent.action.FROM_GAME_SHORTCUT

com.tencent.tauth.AuthActivity

android.intent.action.VIEW

com.pp.assistant.activity.OutsideWebActivity

android.intent.action.VIEW

com.pp.assistant.activity.PPExternalDialogActivity

android.intent.action.VIEW
android.intent.action.VIEW
android.intent.action.VIEW

com.wandoujia.account.activities.PhoenixAccountActivity

android.intent.action.MAIN
android.intent.action.VIEW

com.wandoujia.account.activities.AccountModifyProfileActivity

android.intent.action.VIEW

com.wandoujia.account.activities.AccountBindActivity

android.intent.action.VIEW

com.wandoujia.account.activities.AccountBindGuideActivity

android.intent.action.VIEW

com.pp.assistant.install.installfinish.InstallJumpActivity

android.intent.action.VIEW
android.intent.action.INSTALL_PACKAGE
android.intent.action.INSTALL_PACKAGE

com.pp.assistant.activity.SpaceActivity

android.intent.action.VIEW

com.pp.assistant.activity.SSOActivity

com.wandoujia.phoenix2.action.ssoactivity

com.pp.assistant.activity.LinksActivity

android.intent.action.VIEW

Permissions

android.permission.MANAGE_ACCOUNTS
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.USE_CREDENTIALS
android.permission.READ_SETTINGS
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.CHANGE_WIFI_MULTICAST_STATE
android.permission.WRITE_SETTINGS
android.permission.CAMERA
android.permission.FLASHLIGHT
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.READ_PHONE_STATE
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_PACKAGE_SIZE
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.CLEAR_APP_CACHE
android.permission.DISABLE_KEYGUARD
com.android.launcher.permission.READ_SETTINGS
com.android.launcher.permission.WRITE_SETTINGS
com.android.launcher3.permission.READ_SETTINGS
com.android.launcher3.permission.WRITE_SETTINGS
com.meizu.flyme.launcher.permission.READ_SETTINGS
com.meizu.flyme.launcher.permission.WRITE_SETTINGS
org.adw.launcher.permission.READ_SETTINGS
org.adw.launcher.permission.WRITE_SETTINGS
com.qihoo360.launcher.permission.READ_SETTINGS
com.qihoo360.launcher.permission.WRITE_SETTINGS
com.lge.launcher.permission.READ_SETTINGS
com.lge.launcher.permission.WRITE_SETTINGS
net.qihoo.launcher.permission.READ_SETTINGS
net.qihoo.launcher.permission.WRITE_SETTINGS
org.adwfreak.launcher.permission.READ_SETTINGS
org.adwfreak.launcher.permission.WRITE_SETTINGS
com.huawei.launcher3.permission.READ_SETTINGS
com.huawei.launcher3.permission.WRITE_SETTINGS
com.fede.launcher.permission.READ_SETTINGS
com.fede.launcher.permission.WRITE_SETTINGS
com.sec.android.app.twlauncher.settings.READ_SETTINGS
com.sec.android.app.twlauncher.settings.WRITE_SETTINGS
com.anddoes.launcher.permission.READ_SETTINGS
com.anddoes.launcher.permission.WRITE_SETTINGS
com.lenovo.launcher.permission.READ_SETTINGS
com.lenovo.launcher.permission.WRITE_SETTINGS
com.google.android.launcher.permission.READ_SETTINGS
com.google.android.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.WRITE_SETTINGS
com.oppo.launcher.permission.READ_SETTINGS
com.yulong.android.launcher3.permission.WRITE_SETTINGS
com.yulong.android.launcher3.permission.READ_SETTINGS
com.huawei.android.launcher.permission.READ_SETTINGS
com.huawei.android.launcher.permission.WRITE_SETTINGS
com.htc.launcher.permission.READ_SETTINGS
com.htc.launcher.permission.WRITE_SETTINGS
com.bbk.launcher2.permission.READ_SETTINGS
com.bbk.launcher2.permission.WRITE_SETTINGS
android.permission.WAKE_LOCK
android.permission.BROADCAST_PACKAGE_ADDED
android.permission.BROADCAST_PACKAGE_CHANGED
android.permission.BROADCAST_PACKAGE_INSTALL
android.permission.BROADCAST_PACKAGE_REPLACED
android.permission.RESTART_PACKAGES
android.permission.GET_TASKS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.CHANGE_NETWORK_STATE
android.permission.GET_ACCOUNTS
android.permission.VIBRATE
android.permission.BIND_ACCESSIBILITY_SERVICE
android.permission.AUTHENTICATE_ACCOUNTS
android.permission.WRITE_SYNC_SETTINGS
android.permission.MANAGE_ACCOUNTS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
com.wandoujia.phoenix2.permission.MIPUSH_RECEIVE
android.permission.PACKAGE_USAGE_STATS
android.permission.ACCESS_MTK_MMHW

Receivers

com.alv.foun.PhoenixBroadcastReceiver

android.intent.action.USER_PRESENT
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED
android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REMOVED
com.alv.foun.ACTION_WAKE_UP_ALARM

com.pp.assistant.receiver.WashPackageReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED
android.intent.action.PACKAGE_REMOVED

com.pp.assistant.receiver.UpdateNetworkReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.lib.common.receiver.PhoneStateReceiver

android.intent.action.PHONE_STATE
android.intent.action.NEW_OUTGOING_CALL

com.pp.assistant.crash.UCCrashReceiver

android.intent.action.PACKAGE_ADDED
android.intent.action.PACKAGE_REPLACED

com.taobao.accs.EventReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.PACKAGE_REMOVED
android.intent.action.USER_PRESENT

com.taobao.accs.ServiceReceiver

com.taobao.accs.intent.action.COMMAND
com.taobao.accs.intent.action.START_FROM_AGOO

com.taobao.agoo.AgooCommondReceiver

com.pp.assistant.intent.action.COMMAND
android.intent.action.PACKAGE_REMOVED

org.android.agoo.xiaomi.MiPushBroadcastReceiver

com.xiaomi.mipush.RECEIVE_MESSAGE
com.xiaomi.mipush.ERROR

com.ali.money.shield.sdk.cleaner.update.UpdateNetworkReceiver

android.net.wifi.STATE_CHANGE

com.pp.assistant.receiver.RismReceiver

com.uc.base.rism.ACTION_RECEIVE_MESSAGE

com.ali.money.shield.sdk.cleaner.core.JunkScannerReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.MEDIA_MOUNTED
android.intent.action.MEDIA_UNMOUNTED
com.ali.money.shield.alicleanerlib.ScheduleJunkScan
android.intent.action.ACTION_POWER_CONNECTED
android.intent.action.ACTION_POWER_DISCONNECTED

Services

com.lib.downloader.RPPDCBMainService

com.lib.downloader.RPPDCallBackService

com.lib.downloader.RPPDCBRemoteService

com.lib.downloader.RPPDCBRemoteService

com.lib.downloader.RPPDBindService

com.lib.downloader.RPPDownloadService

com.lib.downloader.RPPDStartService

com.lib.downloader.RPPDownloadServiceBackup

com.pp.assistant.worker.PPEmojiCheckerService

com.pp.assistant.worker.PPEmojiCheckerService

com.alv.foun.service.PhoenixService

android.view.InputMethod
oppo.intent.action.keyguard
com.oppo.weather.external.ExternalWeatherWidgetService

com.alv.foun.accountsync.AuthenticatorService

android.accounts.AccountAuthenticator

com.alv.foun.accountsync.AccountSyncService

android.content.SyncAdapter

com.pp.assistant.worker.PPExternalIntentService

com.wdj.intent.action.INVOKE

com.pp.assistant.worker.PPRemoteIntentService

com.pp.assistant.worker.PPRemoteIntentService

com.uc.addon.sdk.remote.AddonService

com.uc.browser.action.Addon

com.pp.assistant.accessibility.AccessibilityService

android.accessibilityservice.AccessibilityService

com.pp.assistant.worker.PPFakeService

com.pp.assistant.worker.PPFakeService

com.taobao.accs.ChannelService

com.taobao.accs.intent.action.SERVICE
com.taobao.accs.intent.action.ELECTION

com.taobao.accs.data.MsgDistributeService

com.taobao.accs.intent.action.RECEIVE

org.android.agoo.accs.AgooService

com.taobao.accs.intent.action.RECEIVE

com.wandoujia.phoenix2.TaobaoIntentService

org.agoo.android.intent.action.RECEIVE
com.pp.assistant.intent.thirdPush.action.COMMAND

com.taobao.agoo.TaobaoMessageIntentReceiverService

org.android.agoo.client.MessageReceiverService

Android Permissions

77d3d04977267c47560ddd0e818b3d2d9872637be27a8fc8546f8d8432bb3bc5

Permissions

android.permission.MANAGE_ACCOUNTS

android.permission.AUTHENTICATE_ACCOUNTS

android.permission.USE_CREDENTIALS

android.permission.READ_SETTINGS

android.permission.READ_EXTERNAL_STORAGE

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.MOUNT_UNMOUNT_FILESYSTEMS

android.permission.INTERNET

android.permission.ACCESS_NETWORK_STATE

android.permission.ACCESS_WIFI_STATE

android.permission.CHANGE_WIFI_STATE

android.permission.CHANGE_WIFI_MULTICAST_STATE

android.permission.WRITE_SETTINGS

android.permission.CAMERA

android.permission.FLASHLIGHT

com.android.launcher.permission.INSTALL_SHORTCUT

com.android.launcher.permission.UNINSTALL_SHORTCUT

android.permission.READ_PHONE_STATE

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.SYSTEM_ALERT_WINDOW

android.permission.GET_PACKAGE_SIZE

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.CLEAR_APP_CACHE

android.permission.DISABLE_KEYGUARD

com.android.launcher.permission.READ_SETTINGS

com.android.launcher.permission.WRITE_SETTINGS

com.android.launcher3.permission.READ_SETTINGS

com.android.launcher3.permission.WRITE_SETTINGS

com.meizu.flyme.launcher.permission.READ_SETTINGS

com.meizu.flyme.launcher.permission.WRITE_SETTINGS

org.adw.launcher.permission.READ_SETTINGS

org.adw.launcher.permission.WRITE_SETTINGS

com.qihoo360.launcher.permission.READ_SETTINGS

com.qihoo360.launcher.permission.WRITE_SETTINGS

com.lge.launcher.permission.READ_SETTINGS

com.lge.launcher.permission.WRITE_SETTINGS

net.qihoo.launcher.permission.READ_SETTINGS

net.qihoo.launcher.permission.WRITE_SETTINGS

org.adwfreak.launcher.permission.READ_SETTINGS

org.adwfreak.launcher.permission.WRITE_SETTINGS

com.huawei.launcher3.permission.READ_SETTINGS

com.huawei.launcher3.permission.WRITE_SETTINGS

com.fede.launcher.permission.READ_SETTINGS

com.fede.launcher.permission.WRITE_SETTINGS

com.sec.android.app.twlauncher.settings.READ_SETTINGS

com.sec.android.app.twlauncher.settings.WRITE_SETTINGS

com.anddoes.launcher.permission.READ_SETTINGS

com.anddoes.launcher.permission.WRITE_SETTINGS

com.lenovo.launcher.permission.READ_SETTINGS

com.lenovo.launcher.permission.WRITE_SETTINGS

Sharing

General

Malware Config

Signatures

Files

com.wandoujia.phoenix2

com.pp.assistant.activity.PPMainActivity

Activities

com.pp.assistant.activity.PPMainActivity

com.pp.assistant.activity.ExternalRouterActivity

com.pp.assistant.activity.LibActivity

com.pp.assistant.activity.PPAppUpdateActivity

com.pp.assistant.activity.PPDefaultFragmentActivity

com.pp.assistant.activity.PPSearchActivity

com.wandoujia.p4.app_launcher.activity.AppLauncherActivity

com.wandoujia.launcher.launcher.activity.GameLauncherActivity

com.tencent.tauth.AuthActivity

com.pp.assistant.activity.OutsideWebActivity

com.pp.assistant.activity.PPExternalDialogActivity

com.wandoujia.account.activities.PhoenixAccountActivity

com.wandoujia.account.activities.AccountModifyProfileActivity

com.wandoujia.account.activities.AccountBindActivity

com.wandoujia.account.activities.AccountBindGuideActivity

com.pp.assistant.install.installfinish.InstallJumpActivity

com.pp.assistant.activity.SpaceActivity

com.pp.assistant.activity.SSOActivity

com.pp.assistant.activity.LinksActivity

Permissions

Receivers

com.alv.foun.PhoenixBroadcastReceiver

com.pp.assistant.receiver.WashPackageReceiver

com.pp.assistant.receiver.UpdateNetworkReceiver

com.lib.common.receiver.PhoneStateReceiver

com.pp.assistant.crash.UCCrashReceiver

com.taobao.accs.EventReceiver

com.taobao.accs.ServiceReceiver

com.taobao.agoo.AgooCommondReceiver

org.android.agoo.xiaomi.MiPushBroadcastReceiver

com.ali.money.shield.sdk.cleaner.update.UpdateNetworkReceiver

com.pp.assistant.receiver.RismReceiver

com.ali.money.shield.sdk.cleaner.core.JunkScannerReceiver

Services

com.lib.downloader.RPPDCBMainService

com.lib.downloader.RPPDCBRemoteService

com.lib.downloader.RPPDBindService

com.lib.downloader.RPPDStartService

com.pp.assistant.worker.PPEmojiCheckerService

com.alv.foun.service.PhoenixService

com.alv.foun.accountsync.AuthenticatorService

com.alv.foun.accountsync.AccountSyncService

com.pp.assistant.worker.PPExternalIntentService

com.pp.assistant.worker.PPRemoteIntentService

com.uc.addon.sdk.remote.AddonService

com.pp.assistant.accessibility.AccessibilityService

com.pp.assistant.worker.PPFakeService

com.taobao.accs.ChannelService

com.taobao.accs.data.MsgDistributeService

org.android.agoo.accs.AgooService

com.wandoujia.phoenix2.TaobaoIntentService

com.taobao.agoo.TaobaoMessageIntentReceiverService

Android Permissions

77d3d04977267c47560ddd0e818b3d2d9872637be27a8fc8546f8d8432bb3bc5